CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2024-0921 – D-Link DIR-816 A2 Web Interface setDeviceSettings os command injection
https://notcve.org/view.php?id=CVE-2024-0921
A vulnerability has been found in D-Link DIR-816 A2 1.10CNB04 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setDeviceSettings of the component Web Interface. The manipulation of the argument statuscheckpppoeuser leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/xiyuanhuaigu/cve/blob/main/rce.md https://vuldb.com/?ctiid.252139 https://vuldb.com/?id.252139 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43239
https://notcve.org/view.php?id=CVE-2023-43239
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC. Se descubrió que D-Link DIR-816 A2 v1.10CNB05 contenía un Desbordamiento del Búfer a través del parámetro flag_5G en showMACfilterMAC. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/showMACfilterMAC/1.md https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43240
https://notcve.org/view.php?id=CVE-2023-43240
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in ipportFilter. Se descubrió que D-Link DIR-816 A2 v1.10CNB05 contenía un Desbordamiento del Búfer a través del parámetro sip_address en ipportFilter. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/ipportFilter/1.md https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43236
https://notcve.org/view.php?id=CVE-2023-43236
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi. Se descubrió que D-Link DIR-816 A2 v1.10CNB05 contenía un Desbordamiento del Búfer a través del parámetro statuscheckpppoeuser en dir_setWanWifi. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/dir_setWanWifi/1.md https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43238
https://notcve.org/view.php?id=CVE-2023-43238
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi. Se descubrió que D-Link DIR-816 A2 v1.10CNB05 contenía un Desbordamiento del Búfer mediante el parámetro nvmacaddr en form2Dhcpip.cgi. • https://github.com/peris-navince/founded-0-days/blob/main/Dlink/816/form2Dhcpip_cgi/1.md https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •